package com.nidu.demo.security.config;

import org.springframework.core.Ordered;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer; // 使用新的类替代过时的类

public abstract class AuthorizeRequestsCustomizer
        implements Customizer<AuthorizeHttpRequestsConfigurer<HttpSecurity>.AuthorizationManagerRequestMatcherRegistry>, Ordered{

    @Override
    public int getOrder() {
        return Ordered.HIGHEST_PRECEDENCE;
    }

    @Override
    public void customize(AuthorizeHttpRequestsConfigurer<HttpSecurity>.AuthorizationManagerRequestMatcherRegistry registry) {
        registry
            .requestMatchers("/custom/**").hasRole("CUSTOM_ROLE")  // 例如，定义 /custom/** 路径需要 CUSTOM_ROLE 角色
            .requestMatchers("/admin/**").hasRole("ADMIN");  // 例如，定义 /admin/** 路径需要 ADMIN 角色
    }

}